Re: [Jwt-reg-review] Claims registration question

Brian Campbell <bcampbell@pingidentity.com> Thu, 23 April 2015 16:30 UTC

From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 23 Apr 2015 10:29:20 -0600
Message-ID: <CA+k3eCTF8puhFoRgTt7KkEVmBopBQkSng_-3VjY6La3z8K0t9A@mail.gmail.com>
To: John Bradley <jbradley@me.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/jwt-reg-review/zfir_sj1S6WBCGiR3tGxnIH-KrA>
Cc: Bart Grantham <bart@genecloud.com>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>

Indeed org.genomicsandhealth.* itself also seems sufficiently
collision-resistant.

On Thu, Apr 23, 2015 at 10:06 AM, John Bradley <jbradley@me.com> wrote:

> You can use public collision resistant names like
> http://genomicsandhealth.org/claims/value1 That also allows for the claim
> to be documented via the follow your nose principle.
> https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.2
>
> You could use that and then register them if there is a need for
> interoperability outside your community.
>
> If you established that pattern, it would be unlikely that anyone other
> than the owner of that namespace is going to register something in the
> registry that conflicts with you.
>
> John B.
> > On Apr 22, 2015, at 7:14 PM, Bart Grantham <bart@genecloud.com> wrote:
> >
> > A standards body that my company is involved in, the Global Alliance for
> Genomic Health (“GA4GH”), is looking at OAuth2/OpenID Connect for identity
> management amongst the various projects and it occurs to us that it may be
> necessary for the GA4GH to register domain-specific claims regarding
> researcher’s qualifications/membership in organizations.
> >
> > I’m wondering if it’s possible for the GA4GH to claim, after appropriate
> discussion and review, a wildcard claim?  Something like
> org.genomicsandhealth.* ?  This would allow the GA4GH to internally manage
> the registration of claims that are relevant to the organization
> (“org.genomicsandhealth.projects.beacon”,
> “org.genomicsandhealth.eu_commons”, etc.)
> >
> > If this is not possible, is there an alternative to registering each and
> every claim name that arises with IANA?
> >
> > --
> > Bart Grantham
>
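
Added example, not part of the original thread: a relying-party check that sorts the claim names in a token into registered, namespaced (the URI and reverse-DNS forms discussed above) and private, matching on the parsed host and the dotted prefix so that look-alike names are not accepted. The function names, the assumption that both namespaces belong to one owner, and the sample token are constructed for illustration.

```python
import base64
import json
from urllib.parse import urlsplit

# Claim names defined by RFC 7519 itself (a subset of the IANA registry).
REGISTERED = {"iss", "sub", "aud", "exp", "nbf", "iat", "jti"}
# Namespaces named in the thread; single ownership of both is an assumption.
OWNED_DOMAIN = "genomicsandhealth.org"
OWNED_REVERSE_PREFIX = "org.genomicsandhealth."

def classify_claim_name(name):
    """Return 'registered', 'namespaced' or 'private' for one claim name."""
    if name in REGISTERED:
        return "registered"
    # Reverse-DNS form: the prefix ends in a dot, so a look-alike such as
    # 'org.genomicsandhealthx.projects' does not match.
    if name.startswith(OWNED_REVERSE_PREFIX) and name != OWNED_REVERSE_PREFIX:
        return "namespaced"
    # URI form: compare the parsed host rather than a string prefix, so
    # 'genomicsandhealth.org.example.net' does not match.
    try:
        parts = urlsplit(name)
        host = (parts.hostname or "").lower()
    except ValueError:
        return "private"
    owned = host == OWNED_DOMAIN or host.endswith("." + OWNED_DOMAIN)
    return "namespaced" if parts.scheme in ("http", "https") and owned else "private"

def decode_payload(token):
    """Decode the payload of a compact JWS; signature checking is out of scope."""
    segment = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def audit_claims(claims):
    """Group the claim names of a decoded payload by class."""
    report = {"registered": [], "namespaced": [], "private": []}
    for name in claims:
        report[classify_claim_name(name)].append(name)
    return report

def _b64url(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample token (placeholder signature), with two look-alike names.
SAMPLE_CLAIMS = {
    "iss": "https://idp.example", "sub": "researcher-1", "role": "admin",
    "org.genomicsandhealth.projects.beacon": True,
    "http://genomicsandhealth.org/claims/value1": "x",
    "org.genomicsandhealthx.projects.beacon": True,
    "http://genomicsandhealth.org.example.net/claims/value1": "x",
}
SAMPLE_JWT = ".".join([_b64url({"alg": "RS256"}), _b64url(SAMPLE_CLAIMS), "c2ln"])
```

In a real deployment the audit runs only after the token's signature has been verified; names reported as private are the ones that can collide with another issuer's use of the same short name.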